diff options
| author | Kees Cook <keescook@chromium.org> | 2018-09-19 22:57:06 -0400 |
|---|---|---|
| committer | Kees Cook <keescook@chromium.org> | 2019-01-08 16:18:43 -0500 |
| commit | 14bd99c821f7ace0e8110a1bfdfaa27e1788e20f (patch) | |
| tree | a5feee1ff6b832eaffef89d1bde995e0574723e2 /security/selinux | |
| parent | 7e611486d905f435faf80969deed68a615019e6b (diff) | |
LSM: Separate idea of "major" LSM from "exclusive" LSM
In order to both support old "security=" Legacy Major LSM selection, and
handling real exclusivity, this creates LSM_FLAG_EXCLUSIVE and updates
the selection logic to handle them.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 0f8ae2fbd14a..49865f119b16 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -6989,7 +6989,7 @@ void selinux_complete_init(void) | |||
| 6989 | all processes and objects when they are created. */ | 6989 | all processes and objects when they are created. */ |
| 6990 | DEFINE_LSM(selinux) = { | 6990 | DEFINE_LSM(selinux) = { |
| 6991 | .name = "selinux", | 6991 | .name = "selinux", |
| 6992 | .flags = LSM_FLAG_LEGACY_MAJOR, | 6992 | .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, |
| 6993 | .enabled = &selinux_enabled, | 6993 | .enabled = &selinux_enabled, |
| 6994 | .init = selinux_init, | 6994 | .init = selinux_init, |
| 6995 | }; | 6995 | }; |